Traffic Log - Realtime Traffic Reporting & Logging

The Traffic Log utility in DiamondCS Port Explorer reports traffic as it happens, allowing you to see exactly what network events are happening on your system, in what order, and from which process(es). Port Explorer allows you to save the log to a file as it happens, or simply report it on-screen. It's a great way to see if any unknown or unwanted software is transmitting or receiving data, it is very helpful in testing, detecting and troubleshooting network problems and bottlenecks, and it makes it easy to see all network activity on your system.

Window Logging
The Window Logging capability allows you to see the Traffic Log on-screen in realtime, and is built into the main interface for easy viewing.

The columns provide the following information.
# - The event ID, generated in order of occurrence. For example, #1 is the first network event recorded, #2 is the second, and so on.
Time - The exact time the network event was generated (hour:minute:second).
Process:PID - The process filename and numeric process ID that generated the network event.
Action - The type of network event. These include Send, Receive, Open, Connect, Listen, Accept, and Close.
Protocol - The network transport protocol being used (such as TCP or UDP).
Local Address - The local IP address and local port being used in the network event.
Remote Address - The remote IP address and remote port being used in the network event.
Status - All network events return SUCCESS or FAILED.
Bytes - How many bytes were transmitted. This only applies to SEND and RECEIVE network events. If the action is SEND, Bytes indicates how many bytes were sent from the local host to the remote host. If the action is RECEIVE, Bytes indicates how many bytes were sent from the remote host to the local host. To see what data is being transmitted you can use the Socket Spy utility.

Window Logging can be disabled by selecting the Settings | Window Logging | Disabled menu item. The Window Logging window can be hidden by deselecting the View | Show Log Window menu item.


File Logging
The File Logging capability allows you to automatically log all traffic to a file. The file is saved as PELOG.TXT in your Port Explorer directory, and is recorded in a similar format to Window Logging, as seen here:
------------------------------------------------------------------------------------------------------------|
|         DATE        |ACTION | PRO |   Local Address:Port | Remote Address:Port  | Status | Bytes | Process
------------------------------------------------------------------------------------------------------------|
24/02/2003 14:37:43pm   OPEN    TCP        0.0.0.0:0              0.0.0.0:0        Success          D:\telnet.exe:956
24/02/2003 14:37:43pm  CONNECT  TCP     10.0.0.85:1420           10.0.0.9:25       Success          D:\telnet.exe:956
24/02/2003 14:37:48pm  RECEIVE  TCP     10.0.0.85:1420           10.0.0.9:25       Success    100   D:\telnet.exe:956
24/02/2003 14:38:08pm   SEND    TCP     10.0.0.85:1420           10.0.0.9:25       Success     1    D:\telnet.exe:956

With the exception of the last field ("Process") all fields are fixed-width, making it easy for 3rd-party developers and administrators to write their own custom parsers.
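
A sketch of such a custom parser, added here as an example (it is not DiamondCS code). It tokenizes on whitespace instead of hard-coding column offsets, which this page does not document, and totals SEND/RECEIVE bytes per process and remote endpoint. The function names, the "Failed" status spelling in the file log, and the last sample row are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# First four rows are the sample above; the last row is constructed
# (assumed "Failed" spelling, process path containing a space).
SAMPLE = r"""
------------------------------------------------------------------------------------------------------------|
|         DATE        |ACTION | PRO |   Local Address:Port | Remote Address:Port  | Status | Bytes | Process
------------------------------------------------------------------------------------------------------------|
24/02/2003 14:37:43pm   OPEN    TCP        0.0.0.0:0              0.0.0.0:0        Success          D:\telnet.exe:956
24/02/2003 14:37:43pm  CONNECT  TCP     10.0.0.85:1420           10.0.0.9:25       Success          D:\telnet.exe:956
24/02/2003 14:37:48pm  RECEIVE  TCP     10.0.0.85:1420           10.0.0.9:25       Success    100   D:\telnet.exe:956
24/02/2003 14:38:08pm   SEND    TCP     10.0.0.85:1420           10.0.0.9:25       Success     1    D:\telnet.exe:956
24/02/2003 14:39:02pm  CONNECT  TCP     10.0.0.85:1421          10.0.0.77:80       Failed           C:\Program Files\app\updater.exe:1204
"""

# Bytes is optional (blank unless SEND/RECEIVE); Process is "path:PID" and may contain spaces.
ROW = re.compile(
    r"^(?P<date>\d{2}/\d{2}/\d{4}) (?P<time>\d{2}:\d{2}:\d{2})[ap]m\s+"
    r"(?P<action>[A-Z]+)\s+(?P<proto>\S+)\s+(?P<local>\S+)\s+(?P<remote>\S+)\s+"
    r"(?P<status>\S+)\s+(?:(?P<bytes>\d+)\s+)?(?P<path>.+):(?P<pid>\d+)\s*$"
)

def parse_line(line):
    """Return a dict for one event row, or None for header, ruler and blank lines."""
    m = ROW.match(line.strip())
    if not m:
        return None
    ev = m.groupdict()
    # Assumption from the sample: day/month/year, 24-hour clock with a redundant am/pm suffix.
    ev["when"] = datetime.strptime(ev.pop("date") + " " + ev.pop("time"), "%d/%m/%Y %H:%M:%S")
    ev["bytes"] = int(ev["bytes"]) if ev["bytes"] else 0
    ev["pid"] = int(ev["pid"])
    return ev

def bytes_by_flow(lines):
    """Total successful SEND/RECEIVE bytes per (process path, PID, remote address)."""
    totals = defaultdict(lambda: {"SEND": 0, "RECEIVE": 0})
    for ev in filter(None, map(parse_line, lines)):
        if ev["action"] in ("SEND", "RECEIVE") and ev["status"].lower() == "success":
            totals[(ev["path"], ev["pid"], ev["remote"])][ev["action"]] += ev["bytes"]
    return dict(totals)

if __name__ == "__main__":
    for (path, pid, remote), t in bytes_by_flow(SAMPLE.splitlines()).items():
        print(f"{path} (PID {pid}) <-> {remote}: sent {t['SEND']}, received {t['RECEIVE']}")
```

To run it against a real log, pass the lines of PELOG.TXT to bytes_by_flow() in place of the embedded sample.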

File Logging can be disabled by selecting the Settings | File Logging | Disabled menu item. The logfile itself can be viewed simply by selecting the Settings | File Logging | View File Log menu item.



Copyright © 2002-2003 Diamond Computer Systems Pty. Ltd. - http://www.diamondcs.com.au
DiamondCS Port Explorer Website - http://www.diamondcs.com.au/portexplorer